File access rights problem

Hello Forum,

I am using Duplicati with manjaro. After the first installation everything went right. Unfortunately I do have problems with most of the files I save on my PC and running a new backup after it: Duplicati does not have the access right to those files and is reporting errors:

2019-07-28 10:00:24 +02 - [Warning-Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.FileEntry-PathProcessingFailed]: Failed to process path: … <

I have to manually give those files the right to be read by everyone. Is that a problem of the OS or do I have to grant Duplicati access to a special owner group.

I really would appreciate an advice.

Kind regards.

Hello @Nexgolit and welcome to the forum!

Duplicati does not directly provide a package for Arch/Manajaro from what I can see (I don’t run either).

What user is Duplicati using (e.g. look by ps -ef | grep Duplicati? If duplicati that’s the cause.

2017-10-22 duplicati.service should run as duplicati user now.

shows where that change happened, in at least one potential source. I don’t know where you got yours. Perhaps the maintainer of your package could explain why things are that way, e.g. was it for security?

Possibly putting your user (only one?) in group duplicati would let Duplicati get to files by group access, assuming your files tend to give read access to group (I don’t know what sort of umask you’re running).

Having Duplicati run as root would solve R/W access and is good if you backup multiple users at once.

Installing Duplicati on Linux (Arch / Manjaro) has a solution that possibly runs as root, but I can’t test it…

Removing the user and group lines in the file allows you to run as super user. Yes. :slight_smile:"root"

finds some information from the non-beta “canary” side of the history on why the setup is as it is.
Possibly the maintainer would be willing to take further comments, but please read history first…

Discussion of issue (seems mainly security, e.g. web server run as root) started at 2017-09-14.
Duplicati’s lead author commented on its non-hardened web server access, e.g. here and here.